Fix result of Farbar Recovery Scan Tool (x64) Version:02-08-2015 01
Ran by usa (2015-08-05 16:12:30) Run:1
Running from C:\Users\usa\Desktop\New Malware Scans
Loaded Profiles: usa (Available Profiles: usa)
Boot Mode: Normal
==============================================
fixlist content:
*****************
HKU\S-1-5-19\...\Run: [ArmA 2] => rundll32 "C:\Users\usa\AppData\Local\Oblivion\ArmA 2\maoe.dll",DllRegisterServer <===== ATTENTION
HKU\S-1-5-20\...\Run: [ArmA 2] => rundll32 "C:\Users\usa\AppData\Local\Oblivion\ArmA 2\maoe.dll",DllRegisterServer <===== ATTENTION
HKU\S-1-5-21-3152413659-541220980-1918132639-1000\...\Run: [ArmA 2] => rundll32 "C:\Users\usa\AppData\Local\Oblivion\ArmA 2\maoe.dll",DllRegisterServer <===== ATTENTION
HKU\S-1-5-18\...\Run: [ArmA 2] => rundll32 "C:\Users\usa\AppData\Local\Oblivion\ArmA 2\maoe.dll",DllRegisterServer <===== ATTENTION
C:\Users\usa\AppData\Local\Oblivion\ArmA 2\maoe.dll
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
Hosts:
EmptyTemp:
CMD: ipconfig /flushdns
*****************
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run\\ArmA 2 => value removed successfully
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run\\ArmA 2 => value removed successfully
HKU\S-1-5-21-3152413659-541220980-1918132639-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ArmA 2 => value removed successfully
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\ArmA 2 => value removed successfully
C:\Users\usa\AppData\Local\Oblivion\ArmA 2\maoe.dll => moved successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin" => key removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.
========= ipconfig /flushdns =========
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========= End of CMD: =========
EmptyTemp: => 14.7 GB temporary data Removed.
The system needed a reboot..
==== End of Fixlog 16:14:35 ====